authorKarel Kočí <cynerd@email.cz>2017-09-20 21:19:05 +0200
committerKarel Kočí <cynerd@email.cz>2017-09-20 21:22:36 +0200
commitf287ecedc78c0cc8fb485c5995b8d1cfae9f0fe8 (patch)
tree5025b33a8c3d4c69ad2b62e1169b669c56f712f9 /utils
parent65f52ead41dc6df73671ddd3a8c6a2edecb6dfb3 (diff)
Commit current statecomplicated
Diffstat (limited to 'utils')
-rw-r--r--utils/cleaner23
-rw-r--r--utils/diff28
-rw-r--r--utils/echo13
-rw-r--r--utils/encrypt42
-rw-r--r--utils/fdata36
-rw-r--r--utils/install7
-rw-r--r--utils/lock5
-rw-r--r--utils/ops30
-rw-r--r--utils/syscheck28
9 files changed, 191 insertions, 21 deletions
diff --git a/utils/cleaner b/utils/cleaner
new file mode 100644
index 0000000..4919085
--- /dev/null
+++ b/utils/cleaner
@@ -0,0 +1,23 @@
+# vim:ft=sh:noexpandtab
+# Functions for cleanups
+
+EXIT_CODE=0
+
+do_cleanup() {
+ echo "$CLEANUP_ACTIONS" | while read CMD; do
+ eval "$CMD"
+ done
+ exit $EXIT_CODE
+}
+
+trap do_cleanup EXIT INT QUIT TERM ABRT
+
+cleaner_add() {
+ CLEANUP_ACTIONS="$CLEANUP_ACTIONS
+$@"
+}
+
+cleaner_rm() {
+ # TODO this might be problematic with special characters
+ CLEANUP_ACTIONS="$(echo "$CLEANUP_ACTIONS" | sed "/^$@$/d")"
+}
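Review bot: cleaner_rm interpolates its argument straight into a sed address, so any `/` in the command ends the pattern early. The one action registered on this page, `rm -rf '/tmp/multiconfig-fdata'` in utils/fdata, cannot be removed this way, and if sed errors out, its empty output would overwrite CLEANUP_ACTIONS and drop every pending action. A fixed-string whole-line match avoids this: `CLEANUP_ACTIONS="$(printf '%s\n' "$CLEANUP_ACTIONS" | grep -Fxv -- "$*")"`. Separately, do_cleanup is trapped on EXIT as well as the signals and then calls `exit`, which in most shells fires the EXIT trap again and evals every action a second time; `trap - EXIT INT QUIT TERM ABRT` as its first line would prevent that. `exit $EXIT_CODE` also replaces whatever status the script was already exiting with, which looks unintended for a plain `exit 1` elsewhere.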
diff --git a/utils/diff b/utils/diff
new file mode 100644
index 0000000..0d093c7
--- /dev/null
+++ b/utils/diff
@@ -0,0 +1,28 @@
+# vim:ft=sh:noexpandtab
+# Clever diff function
+
+# TODO directory diff
+
+# This function does diff and reports changes on debug level
+# First and second arguments have to be paths to compared files and third argument
+# have to be a debug message prepended string.
+# It exits with nonzero exit code if there is no difference.
+do_diff() {
+ if [ ! -f "$1" ]; then
+ echo_error "No reference file to compare to: $1"
+ return 1 # We pretend that there is no change as reference file is missing
+ fi
+ if [ ! -f "$2" ]; then
+ echo_dbg "$3: No target file"
+ return 0
+ fi
+
+ # Do real diff if both files exists
+ local DIFF="$(diff --suppress-common-lines -ay "$1" "$2")"
+ if [ -n "$DIFF" ]; then
+ echo_dbg "$3:
+$DIFF"
+ else
+ return 1
+ fi
+}
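Review bot: `local DIFF="$(diff …)"` discards diff's exit status, so a diff that fails (status 2, for example on an unreadable file) prints nothing on stdout and do_diff returns 1, the same as "no difference". Declare and assign separately and check the status: `local DIFF RC=0`, then `DIFF="$(diff --suppress-common-lines -ay "$1" "$2")" || RC=$?`, then `[ "$RC" -lt 2 ] || { echo_error "$3: diff failed"; return 2; }` (choose whichever status the callers should see). The header comment should also state that a missing reference file returns 1 and a missing target file returns 0, since those cases are otherwise indistinguishable from "unchanged" and "changed".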
diff --git a/utils/echo b/utils/echo
index c936f63..eeb8fa9 100644
--- a/utils/echo
+++ b/utils/echo
@@ -5,21 +5,21 @@ ECHO_VERBOSE=0
echo_info() {
set +x
- [ $ECHO_VERBOSE -ge 0 ] || return
+ [ $ECHO_VERBOSE -ge 0 ] || return 0
echo -e "\e[1;34m$@\e[0m" >&2
[ $ECHO_VERBOSE -lt 3 ] || set -x
}
echo_warn() {
set +x
- [ $ECHO_VERBOSE -ge -1 ] || return
+ [ $ECHO_VERBOSE -ge -1 ] || return 0
echo -e "\e[1;33m$@\e[0m" >&2
[ $ECHO_VERBOSE -lt 3 ] || set -x
}
echo_error() {
set +x
- [ $ECHO_VERBOSE -ge -2 ] || return
+ [ $ECHO_VERBOSE -ge -2 ] || return 0
echo -e "\e[1;31m$@\e[0m" >&2
[ $ECHO_VERBOSE -lt 3 ] || set -x
}
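Review bot: Each helper passes the message through `echo -e`, so backslash sequences inside the message itself are interpreted. do_diff in utils/diff feeds file content to echo_dbg, which means a literal `\e[…` or `\n` in a compared file is turned into a control sequence instead of being shown as text. Printing the message as data keeps the colour and avoids that: `printf '\033[1;34m%s\033[0m\n' "$*" >&2`; the same applies to echo_dbg and echo_trace in the next hunk. `$ECHO_VERBOSE` is also unquoted in the tests, so an empty value makes `[` fail and, with the new `return 0`, the message is dropped silently.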
@@ -31,20 +31,21 @@ echo_die() {
fi
[ $ECHO_VERBOSE -lt 3 ] || set -x
# Suicide
+ EXIT_CODE=2
kill $$
}
echo_dbg() {
set +x
- [ $ECHO_VERBOSE -ge 1 ] || return
+ [ $ECHO_VERBOSE -ge 1 ] || return 0
echo -e "\e[1;90m$@\e[0m" >&2
[ $ECHO_VERBOSE -lt 3 ] || set -x
}
echo_trace() {
set +x
- [ $ECHO_VERBOSE -ge 2 ] || return
- echo -e "\e[1;90m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -ge 2 ] || return 0
+ echo -e "\e[0;90m$@\e[0m" >&2
[ $ECHO_VERBOSE -lt 3 ] || set -x
}
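Review bot: `EXIT_CODE=2` only reaches do_cleanup when echo_die runs in the main shell. Inside a command substitution or pipeline the assignment happens in a subshell, `kill $$` still signals the parent, and the parent's handler exits with its own unchanged EXIT_CODE of 0. It also depends on utils/cleaner having installed the TERM trap; without it the process ends with the default signal status rather than 2. A comment on these two lines stating both assumptions would help, e.g. `# Needs utils/cleaner's TERM trap; EXIT_CODE set in a subshell is not seen by it`. echo_die starts above this hunk, so the rest of its body is not visible here.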
diff --git a/utils/encrypt b/utils/encrypt
new file mode 100644
index 0000000..d1cb938
--- /dev/null
+++ b/utils/encrypt
@@ -0,0 +1,42 @@
+# vim:ft=sh:noexpandtab
+# Allows work with encrypted files using their temporally copy.
+
+if [ -n "$KEY_FILE" ] && [ -f "files/keys/$(hostname)" ]; then
+ SECRET_KEY="$(openssl aes-192-cbc -d -a -kfile "$KEY_FILE" -in files/keys/"$(hostname)")"
+else
+ SECRET_KEY="$(gpg2 --decrypt files/keys/primary.gpg)"
+fi
+
+# Decrypt to temporally file in /tmp
+# First argument should be the path to file to be decrypted and second argument
+# output file.
+fdecrypt() {
+ PASS_ENC="$SECRET_KEY" openssl aes-192-cbc -d -a -pass env:PASS_ENC -in "$1" -out "$2"
+}
+
+# Encrypt given file to target path
+# First argument have to be a path to file to be encrypted and second argument
+# output file.
+fencprypt() {
+ PASS_ENC="$SECRET_KEY" openssl aes-192-cbc -e -a -pass env:PASS_ENC -in "$1" -out "$2"
+}
+
+# Decrypt file to temporally one
+# First argument have to be path to file to be extracted.
+tfdecrypt() {
+ local TEMPF="$(mktemp /tmp/multiconfig_XXXXXXXX)"
+ fdecrypt "$1" "$TEMPF"
+ echo "$TEMPF"
+}
+
+# Cat decrypted file
+# First argument have to be a path to file to be catted.
+catdecrypt() {
+ PASS_ENC="$SECRET_KEY" openssl aes-192-cbc -d -a -pass env:PASS_ENC -in "$1"
+}
+
+# Encrypt stdin to file
+# First argument have to be a path to output file.
+outencrypt() {
+ PASS_ENC="$SECRET_KEY" openssl aes-192-cbc -e -a -pass env:PASS_ENC -out "$2"
+}
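Review bot: outencrypt writes to `"$2"` although its comment makes the output path the first argument, so a call like `outencrypt file` runs openssl with an empty `-out`; it should read `-out "$1"`. SECRET_KEY is never checked after decryption: if gpg2 or openssl fails, the variable is empty and fencprypt/outencrypt will encrypt with an empty passphrase, so add `[ -n "$SECRET_KEY" ] || echo_die "Could not obtain secret key"` after the `fi`. tfdecrypt leaves the plaintext copy in /tmp with nothing registered to delete it; because the function is presumably called as `$(tfdecrypt …)`, a cleaner_add inside it would be lost in the subshell, so its comment should tell callers to register an `rm -f` for the returned path. The openssl calls rely on the default password-to-key derivation and unauthenticated CBC; where the installed OpenSSL supports `-pbkdf2`, adopting it (and re-encrypting existing files) is worth planning. `fencprypt` looks like a typo for `fencrypt`.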
diff --git a/utils/fdata b/utils/fdata
new file mode 100644
index 0000000..4d36242
--- /dev/null
+++ b/utils/fdata
@@ -0,0 +1,36 @@
+# vim:ft=sh:noexpandtab
+# Datasets on filesystem
+
+FDATA_PATH="/tmp/multiconfig-fdata"
+mkdir -p "$FDATA_PATH"
+cleaner_add "rm -rf '$FDATA_PATH'"
+
+dict_set() {
+ local DPATH="$FDATA_PATH/$1"; shift
+ mkdir -p "$DPATH"
+ local FPATH="$DPATH/$1"; shift
+ echo "$@" > "$FPATH"
+}
+
+dict_get() {
+ local P="$FDATA_PATH/$1/$2"
+ [ -f "$P" ] || return
+ cat "$P"
+}
+
+dict_keys() {
+ local P="$FDATA_PATH/$1"
+ if [ -d "$P" ]; then
+ ls -A "$P" | tr '\n' ' '
+ fi
+}
+
+dict_contains() {
+ local P="$FDATA_PATH/$1/$2"
+ [ -f "$P" ]
+}
+
+dict_empty() {
+ local P="$FDATA_PATH/$1"
+ [ ! -d "$P" ] || [ -z "$(ls -A "$P")" ]
+}
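Review bot: `FDATA_PATH="/tmp/multiconfig-fdata"` is a fixed name in a world-writable directory, and `mkdir -p` succeeds when the path already exists, so another local user could pre-create it (or a symlink in its place) and then read or alter what dict_set stores. The root check in utils/syscheck suggests the tool is meant to run as root, which raises the impact. Create the directory with mktemp instead: `FDATA_PATH="$(mktemp -d /tmp/multiconfig-fdata.XXXXXXXX)" || echo_die "Cannot create data directory"`. dict_set and dict_get also use their arguments as path components unchecked, so a key containing `/` or `..` lands outside the intended dictionary directory; a short comment stating that keys must be plain file names would make the contract explicit. dict_get's bare `return` passes on the failed test's status, which is worth documenting as "returns non-zero when the key is missing".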
diff --git a/utils/install b/utils/install
new file mode 100644
index 0000000..852163e
--- /dev/null
+++ b/utils/install
@@ -0,0 +1,7 @@
+# vim:ft=sh:noexpandtab
+# Various install functions
+
+# Install directory of file
+install() {
+ true
+}
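Review bot: Defining a shell function named `install` shadows install(1) for every script that sources this file, so any later `install -m …` call would hit this stub and silently do nothing. A prefixed name (for example `mc_install`, a placeholder) avoids the clash. The comment "Install directory of file" probably means "directory or file".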
diff --git a/utils/lock b/utils/lock
new file mode 100644
index 0000000..9d02dae
--- /dev/null
+++ b/utils/lock
@@ -0,0 +1,5 @@
+# vim:ft=sh:noexpandtab
+# This implements lock to check to run tool just once
+
+# TODO create lock and fail if no lock is present
+# TODO remove lock at the exit using cleaner
diff --git a/utils/ops b/utils/ops
new file mode 100644
index 0000000..1365ec8
--- /dev/null
+++ b/utils/ops
@@ -0,0 +1,30 @@
+# vim:ft=sh:noexpandtab
+# Utility functions for operations
+
+# Set operation we are working on
+ops_set_current() {
+ OPERATION_CURRENT="$1"
+}
+
+ops_require() {
+ while [ $# -gt 0 ]; do
+ dict_set "ops/$OPERATION_CURRENT" "$1" true
+ shift
+ done
+}
+
+ops_required_any() {
+ if ! dict_empty "ops/$OPERATION_CURRENT"; then
+ echo_warn "$1 requires update for following components: $(ops_required_list)"
+ else
+ return 1
+ fi
+}
+
+ops_is_required() {
+ dict_contains "ops/$OPERATION_CURRENT" "$1"
+}
+
+ops_required_list() {
+ dict_keys "ops/$OPERATION_CURRENT"
+}
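Review bot: Every function here expands `$OPERATION_CURRENT` without checking that ops_set_current was called, so with it unset all operations share `ops/` and ops_require writes to `$FDATA_PATH/ops//<name>`. Using `"ops/${OPERATION_CURRENT:?ops_set_current not called}"` would fail loudly instead. ops_required_any also returns echo_warn's status on the "required" branch rather than an explicit `return 0`, and the functions other than ops_set_current have no comment describing their arguments and return status.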
diff --git a/utils/syscheck b/utils/syscheck
index a0c29a0..fcddae4 100644
--- a/utils/syscheck
+++ b/utils/syscheck
@@ -3,19 +3,19 @@
# Check that we are root (this tool can be run only as root)
# TODO uncomment
-# [ "$(id -u)" = "0" ] || echo_die "Distconfig have to be run as root."
+# [ "$(id -u)" = "0" ] || echo_die "Multiconfig have to be run as root."
-# We have sudo or su
-which sudo >/dev/null || which su >/dev/null || echo_die "There is no sudo or su command."
+# We have su
+which su >/dev/null || echo_die "There is no su command."
# Check that we are not using csh or tcsh
# Note: variable shell should be defined only on csh or tcsh (note lowercase)
-[ -z "$shell" ] || echo_die "Distconfig doesn't support csh nor tcsh."
+[ -z "$shell" ] || echo_die "Multiconfig doesn't support csh nor tcsh."
# Check that we have gpg
which gpg >/dev/null || echo_die "There is no gpg command."
-# Check that trunk is signed using correct key
+# Check that git trunk is signed using trusted key
# TODO
# Check root owner (should be root)
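Review bot: The `which gpg` line tests for `gpg`, but utils/encrypt in this same commit invokes `gpg2`, so on a host with only one of the two the check and the actual decryption disagree. Test for the binary that is used: `command -v gpg2 >/dev/null || echo_die "There is no gpg2 command."`. The root check also remains commented out behind a bare TODO; the comment could state what blocks enabling it.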
@@ -31,18 +31,16 @@ which openssl >/dev/null || echo_die "There is no openssl command."
# Check that we can decrypt using openssl and aes-192-cbc
OPENSSL_TEST_PASSWORD="XduF2T_opDknbzN0EyJJCBFyS1i6yaBU5Beb6IZkFVHWZGWOIZCF1Cc0zrupjEaV"
-[ "$(openssl aes-192-cbc -d -a -k "$OPENSSL_TEST_PASSWORD" < files/openssl_test_file)" = "It works!" ] || \
+[ "$(openssl aes-192-cbc -d -a -k "$OPENSSL_TEST_PASSWORD" -in files/openssl_test_file)" = "It works!" ] || \
echo_die "Test message couldn't been decrypted."
-# Check that we have key file
-[ -n "$KEY_FILE" ] || echo_die "No key specified. Please pass --key."
-
# Check that given key works with our machinery
-# TODO
+[ "$(catdecrypt files/encrypted_test)" = "It works!" ] || \
+ echo_die "Encryption machinery failed to decrypt test file"
# Check that we have internet connection
-DC_INTERNET=true
-if ! ping -c 5 -w 30 cynerd.cz >/dev/null; then
- echo_warn "No internet connection detected. All operations requiring internet connection will be skipped"
- DC_INTERNET=false
-fi
+#DC_INTERNET=true
+#if ! ping -c 5 -w 30 cynerd.cz >/dev/null; then
+# echo_warn "No internet connection detected. All operations requiring internet connection will be skipped"
+# DC_INTERNET=false
+#fi
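Review bot: Commenting out the connectivity block leaves `DC_INTERNET` unset, so any code that still reads it (none is visible in this diff) now sees an empty string rather than `true` or `false`. Either delete the block or keep a default such as `DC_INTERNET=true` until the consumers are gone. The new catdecrypt check also depends on utils/encrypt having been sourced, and SECRET_KEY obtained, before syscheck runs; a one-line comment above it stating that ordering would help.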